Sunday, January 29, 2017

Examples of Netstat Commands ?


Netstat :-

Netstat is useful command which will helps us to determine  the  Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.

Below are some useful netstat command examples :-

[root@linuxtechnotes ~]# netstat -aunt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN
tcp        1      0 192.168.150.129:54189       23.59.189.83:80             CLOSE_WAIT
tcp        0     64 192.168.150.129:22          192.168.150.1:53360         ESTABLISHED
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 ::1:631                     :::*                        LISTEN
tcp        0      0 ::1:25                      :::*                        LISTEN
udp        0      0 0.0.0.0:161                 0.0.0.0:*
udp        0      0 0.0.0.0:68                  0.0.0.0:*
udp        0      0 0.0.0.0:631                 0.0.0.0:*
[root@linuxtechnotes ~]#




[root@linuxtechnotes ~]# netstat -tunlap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      7544/sshd
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      7364/cupsd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      7657/master
tcp        0      0 127.0.0.1:199               0.0.0.0:*                   LISTEN      9474/snmpd
tcp        1      0 192.168.150.129:54189       23.59.189.83:80             CLOSE_WAIT  26225/clock-applet
tcp        0      0 192.168.150.129:22          192.168.150.1:53360         ESTABLISHED 5996/sshd
tcp        0      0 :::22                       :::*                        LISTEN      7544/sshd
tcp        0      0 ::1:631                     :::*                        LISTEN      7364/cupsd
tcp        0      0 ::1:25                      :::*                        LISTEN      7657/master
udp        0      0 0.0.0.0:161                 0.0.0.0:*                               9474/snmpd
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1413/dhclient
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               7364/cupsd
[root@linuxtechnotes ~]#


[root@linuxtechnotes ~]# netstat -tunlap  | grep -i 161
udp        0      0 0.0.0.0:161                 0.0.0.0:*                               9474/snmpd
[root@linuxtechnotes ~]#
[root@linuxtechnotes ~]# netstat -tunlap  | grep -i 22
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      7544/sshd
tcp        1      0 192.168.150.129:54189       23.59.189.83:80             CLOSE_WAIT  26225/clock-applet
tcp        0     64 192.168.150.129:22          192.168.150.1:53360         ESTABLISHED 5996/sshd
tcp        0      0 :::22                       :::*                        LISTEN      7544/sshd
[root@linuxtechnotes ~]#





From the above examples  you can see tcp and UDP connectoins with ports and its status .

         LISTEN means :- The socket is listening for incoming connections

        ESTABLISHED :-  The socket has an established connection.

        CLOSE_WAIT :-  The remote end has shut down, waiting for the socket to close.

        TIME_WAIT : -  The socket is waiting after close to handle packets still in the network.

       CLOSED :- The socket is not being used.

       CLOSE_WAIT :- The remote end has shut down, waiting for the socket to close.

       LAST_ACK :- The remote end has shut down, and the socket is closed. Waiting for                                                        acknowledgement.

       CLOSING :- Both sockets are shut down but we still don’t have all our data sent.

       UNKNOWN :- The state of the socket is unknown.

        SYN_SENT :- The socket is actively attempting to establish a connection.

       SYN_RECV :- A connection request has been received from the network.

       FIN_WAIT1 :-  The socket is closed, and the connection is shutting down.

       FIN_WAIT2 :-  Connection is closed, and the socket is waiting for a shutdown from the remote                                      end.



6 comments:

  1. Replies
    1. Great Article Cloud Computing Projects

      Networking Projects

      Final Year Projects for CSE

      JavaScript Training in Chennai

      JavaScript Training in Chennai

      The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

      Delete
  2. if you would like check to see if port is enabled or not , run below command
    #nc -zv

    ReplyDelete